by gorjusborg 1590 days ago
I am fully aware I wear tin foil, but my passwords will never be online.

Simply collecting them makes them a potentially valuable target, and even though encrypted, it can be cracked with enough time and money.

Edit: KeePassXC user here too.

1 comments

I would assume that the most likely issue you would face is malware running on your own computer that captures the master key or sends passwords back to an attacker. Not someone gaining access to the encrypted password vault and then cracking it - unless you have a very weak key.

No weak key here, and you may be right, but my main concern is that encryption is only strong in a given time period.

If someone could gain a copy of a known high-value ciphertext, they may not be able to crack it now, but time is on their side, and I can't recover the file once it is out there. My only recourse is to speculatively rotate passwords inside the file.